Nearly 10% of Bitcoin Supply Vulnerable to Quantum Computing Threat

Nearly 10% of the total Bitcoin supply is considered “structurally unsafe” from a quantum computing breakthrough, as their output type reveals the public key by design, regardless of address management practices, according to data analytics platform Glassnode.

Totaling about 1.92 million Bitcoin (BTC), the group includes BTC from early Satoshi-era Pay-to-Public-Key (P2PK) outputs, legacy multi-sig structures such as Pay-to-Multisig (P2MS) and modern Pay-to-Taproot (P2TR) outputs, which reveal the public key or public key-equivalent by design, wrote Glassnode in a Wednesday X post.

Bitcoin creator Satoshi Nakamoto’s coins represent about 1.1 million or 5.5% of the vulnerable supply, following another 620,000 Satoshi-era coins or 3.1% of the supply and about 200,000 coins or 1% of the supply in Taproot addresses.

Choosing how to implement PQC [post-quantum cryptography] and deploy it on-chain should remain decoupled from the question of what to do about coins that remain quantum vulnerable. Yet the two matters often are conflated, the controversy around the latter often clouding discussions of the former - ARK Invest

The findings underscore the need to implement a quantum-proof path for Bitcoin, such as the adoption of BIP-360's proposed Pay-to-Merkle-Root (P2MR) output type, which seeks to remove Taproot’s quantum-vulnerable key path spend, though it does not itself add post-quantum digital signatures.

While 9.6% of the total supply remains structurally exposed, a significant part of this exposure “could be reduced if wallet infrastructure, address standards, and user behavior evolve,” added Glassnode.

However, this supply would only be vulnerable to quantum theft if quantum computers can break Bitcoin’s elliptic curve cryptography (ECC), which would require about 2,330 logical qubits and tens of millions to billions of quantum gates, according to a March white paper published by US investment manager Ark Invest.

Source: Glassnode

Nearly 70% of Bitcoin’s supply is safe from quantum computing threat

Glassnode estimates that about 13.99 million Bitcoin, representing 69.8% of the total supply, remain unexposed to a quantum computing threat, which is largely in line with Ark Invest’s figures, which show that 65% of the supply was safe, Cointelegraph reported in March.

Still, the analytics provider notes that about 4.12 million BTC, or 20.6% of the total supply, are “operationally unsafe,” meaning that these coins are exposed due to a key or address management issue.

Source: Glassnode

Entity-level data shows that the holdings of some large corporate entities are exposed. This includes 100% of BTC held by Franklin Templeton, WisdomTree and Robinhood, 99% of neobank Revolut’s Bitcoin, 52% of Grayscale’s holdings and just 2% of Fidelity’s Bitcoin stash.

Related: Bernstein says Bitcoin market already priced in quantum risk

Looking at the exposed tokens of cryptocurrency exchanges, only about 5% of BTC held on Coinbase is exposed, compared to 85% of Binance’s BTC and about 100% of the holdings on Bitfinex exchange.

To reduce exposure, exchanges and custodians are advised to reduce key reuse, improve address hygiene and plan a migration into a quantum-proof format to position for a future quantum breakthrough, wrote Glassnode.